Add work exchange account to outlook on home computer

Discussion in 'Software for Windows' started by bgstcola, Jan 3, 2013.

  1. Nothinman

    Nothinman Elite Member

    Joined:
    Sep 14, 2001
    Messages:
    30,672
    Likes Received:
    0
    But you do have a lot of information that could let bad guys steal identities of your students and fellow employees. Security should be on by default with you only letting a known set of people have access to what they need, although sadly very few people understand that.

    Citrix isn't a VPN. A real VPN would give you some level of internal network access remotely so that you could setup Outlook to access the Exchange server, provided that was part of the network access that's granted. That and the fact that they mentioned POP3 when you said Outlook Anywhere makes me lean towards them being incompetent and not just blowing smoke up your ass to make you go away.
     
  2. bgstcola

    bgstcola Member

    Joined:
    Aug 30, 2010
    Messages:
    146
    Likes Received:
    0
    But would you say it would be a bad idea for a school to allow the teachers VPN access? or Outlook Anywher?
     
  3. Ferzerp

    Ferzerp Diamond Member

    Joined:
    Oct 12, 1999
    Messages:
    6,107
    Likes Received:
    1

    Doesn't matter what anyone here would say.

    Apparently the security policy that you've agreed to as a provision of being allowed to have an account says that it isn't allowed.

    You did sign some paperwork did you not?
     
  4. Nothinman

    Nothinman Elite Member

    Joined:
    Sep 14, 2001
    Messages:
    30,672
    Likes Received:
    0
    Not as long as it's done properly. But I'm also not the party responsible for that data. I was just responding to your idea that you don't have any data worth stealing. Everyone has data worth stealing from their country's equivalent to a US social security number to just bandwidth to be used for DDoS attacks.
     
  5. Dstoop

    Dstoop Member

    Joined:
    Sep 2, 2012
    Messages:
    151
    Likes Received:
    0
    Correct, accessing the exchange server directly with no VPN = huge security holes. Accessing with VPN is considered "as secure as it can be" and is a popular corporate solution due to the added security checks that can be done on your system when creating the VPN connection.

    As you work at a school, odds are the IT department simply doesn't have any of the backend configured to allow VPN access. It's not a matter of simply provisioning you a VPN account, that takes two seconds. They would have to do all the legwork of properly configuring VPN access on their end, just so you don't have to type in your OWA password.

    Yes, MS may have done a lot on both the client side and the server side over the years through numerous improvements built right into the latest software, Exchange, OS, etc. But the users home PC is an untrusted environment. All those improvements mean jack squat if your employee is still running Windows XP (no service packs), hasn't run windows update ever, and is still running IE6 and Office XP.

    As for cloud computing and hosted exchange, we're talking apples and oranges. These services are acceptable and reasonably secure *because* they do have the infrastructure backing them like properly configured edge servers and high-end security devices, virus scanners, IDS, etc. Hell, the appeal of these services is that your company doesn't have to deal with any of that, you're paying a premium for all of that to be somebody else's problem (and somebody else's expense). The OP doesn't have any of that. Most small businesses, in this case a school, doesn't have all that fancy security mumbo-jumbo to work under the assumption that the connecting client is as compromised as it possibly can be. If they did, we wouldn't be having this conversation because they'd have just given him a VPN login and called it a day. The OP circumventing the school's security procedures and policies is putting a security hole in the school's network that shouldn't be there. I agree that the odds of anything truly negative or damaging coming from it are pretty slim, but that still doesn't make it a good idea to do anyway.
     
  6. Nothinman

    Nothinman Elite Member

    Joined:
    Sep 14, 2001
    Messages:
    30,672
    Likes Received:
    0
    Any Windows PC should be considered untrusted regardless of location. Virtually every malware cleaning or PC reload because of malware has been on a company PC with some brand of corporate A/V. And corporations are the ones still clinging to XP so that's largely irrelevant.

    Not really. Every vendor is pushing "Private clouds" too which usually includes Outlook Anywhere and publicly available VDI or RDS. And if you don't have properly configured security and networking equipment you're fucked anyway. Internal security is just as important if not more-so than external because people are constantly bringing in personal devices and connecting them to the network even if it's just via wireless. Much to the dismay of security people, BYOD is gaining traction and is going to be a huge benefit and problem going forward.

    And yet Windows SBS Server and Server Essentials come with all of those capabilities because it's what people want and what has been the norm for a while now. If a school isn't budgeting enough to their IT department for security, that's a completely separate problem and can't be fixed by technology.

    Security is all about trade-offs and most business people will consider a risk that's "pretty slim" that would provide significant productivity benefits a no-brainer.

    But we agree that the OP shouldn't be attempting to workaround his employers security regardless of how stupid the reasoning or poor the implementation.
     
  7. blurredvision

    Joined:
    Oct 19, 2000
    Messages:
    17,858
    Likes Received:
    0
    Geez, what a cluster of a thread. OP, here's what you do. While at work, go into your email profile settings and find what the Exchange server is set to. Then, go home, go into the Control Panel and then select the "Mail" icon. Go into Profiles and create a new profile. Then, set up a new email account under that profile.

    Select the option to configure your settings manually. Choose an Exchange account. Then, enter the Exchange server as it was on your computer, enter your first and last name, then click on More Settings. Go to the Connection tab, enable the Outlook Anywhere/proxy setting towards the bottom and go into the settings. For the web address, enter your OWA address, typically something like "mail.company.com" or "owa.company.com". Then, check "on fast" and "on slow", then select Basic Authentication at the bottom.

    Click OK, Click OK, then click "Check Name" where you entered the server and your name. If you did it correctly, it should hopefully prompt you for a username and password. Enter it just as you would on the OWA website.

    There are many things that would cause this not to work, but this is the most basic way to get your email at home in Outlook.
     
  8. bgstcola

    bgstcola Member

    Joined:
    Aug 30, 2010
    Messages:
    146
    Likes Received:
    0
    Thanks I ended up forwarding my work mail to a Google Apps account and then I use eM Client to connect to the Google accounts. I don't get the address book and the calendar but besides this it works pretty good.

    Maybe I will try the last suggestions but I really like the way eM Client integrates with Google Apps and if I did go back to Outlook I would lose that. I just there was some way to get the calendar to work in eM Client. You can't have everything I guess.

    Anyways thanks again for all the suggestions.
     
  9. Nothinman

    Nothinman Elite Member

    Joined:
    Sep 14, 2001
    Messages:
    30,672
    Likes Received:
    0
    So now all of your internal, work email is being stored, scanned, etc by Google? That's probably the worst possible solution.
     
  10. Dstoop

    Dstoop Member

    Joined:
    Sep 2, 2012
    Messages:
    151
    Likes Received:
    0
    And they wonder why deskside support is the most stressful job in all of IT D:

    This is the kind of thing those IT techs are obligated to report when they see it while fixing something else on someones workstation, and the kind of thing people get fired for.
     
  11. bgstcola

    bgstcola Member

    Joined:
    Aug 30, 2010
    Messages:
    146
    Likes Received:
    0
    Well they already know that I'm forwarding my mail because they helped me doing it.

    I really think this is a cultural difference. In Denmark it is highly unlikely that you would get fired for stuff like this.
     
  12. Dstoop

    Dstoop Member

    Joined:
    Sep 2, 2012
    Messages:
    151
    Likes Received:
    0
    Your specific company may care less than most, but i'm pretty confident that computer security best practices and the potential for confidential company data to be externally leaked are worldwide concerns in the business world.
     
  13. Nothinman

    Nothinman Elite Member

    Joined:
    Sep 14, 2001
    Messages:
    30,672
    Likes Received:
    0
    Well that confirms it, they're incompetent.